1 Reply Latest reply on Feb 5, 2019 12:26 PM by patrick.byrne.0 Branched from an earlier discussion.

    Re: Important: As of January 18th, 2019, Tableau Online will only support encrypted connections over TLS 1.2

    kushal Joshi

      Hi Team,

       

      I am new to tableau server, one of our client has implemented self signed SSL certificate but in security audit infosec team has found "Obsolete SSL/TLS version Supported", now we want to obsolete the older version of SSL (V1, V2 and V3) and TLS versions (V1.0 and V1.1), but i am not getting how should i create the new TLS certificate (V1.2).

      i have gone through security hardening article of tableau where i got command for the same.

      ("tsm configuration set -k ssl.protocols -v "all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1")

       

      can you guys help/guide me regarding creating the TLS certificate with openssl.

       

      Thank you in advanced.

        • 1. Re: Important: As of January 18th, 2019, Tableau Online will only support encrypted connections over TLS 1.2
          patrick.byrne.0

          Hello Kushal,

           

          Thanks for posting in the Tableau Community. Can you verify the command was run as outlined in the following document, quoted below, Security Hardening Checklist - Tableau

           

          The following tsm command enables TLS v1.2 (using the "all" parameter) and disables SSL v2, SSL v3, TLS v1, and TLS v1.1 (by prepending the minus [-] character to a given protocol).

           

          tsm configuration set -k ssl.protocols -v 'all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1'

          tsm pending-changes apply

           

          The pending-changes apply command displays a prompt to let you know this will restart Tableau Server if the server is running. The prompt displays even if the server is stopped, but in that case there is no restart. You can suppress the prompt using the --ignore-prompt option, but this does not change the restart behavior. For more information, see tsm pending-changes apply.

           

          I would verify that you leverage single quotes in the command and not double when listing out the protocols.

           

          Hope this helps!

           

          Cheers,

          Byrne, Patrick

          Community Manager

          Tableau Software